or Connect
AppleInsider › Forums › Software › Mac OS X › Apple working on software to detect and remove Flashback trojan
New Posts  All Forums:Forum Nav:

Apple working on software to detect and remove Flashback trojan - Page 2

post #41 of 48
It will be nice when this happens. The Kaspersky removal tool that was just released and is exploding all over the web doesn't work at all just gives an error that the tool needs to be updated and some failed rm command.
post #42 of 48
Quote:
Originally Posted by PB View Post

There is HTML5 for this; see a few posts above. All you need to do is to type in the URL field of your browser

http://www.youtube.com/html5

and YouTube will tell you the rest.

Thanks, I was not aware of that! I would love to get rid of Flash. Just dumped Java last week, and so far nothing that I normally do online has been affected.
post #43 of 48
I've never been infected by anything on any of my personal or work Macs, but I think it is time Apple developed and delivered its own free security software much like Microsoft Security Essentials.

It could be called Apple Really Secure Essentials.
post #44 of 48
Quote:
Originally Posted by alienzed View Post

Computers will never be safe when people who don't know how to use them are in control. It'd be like putting a preteen at the wheel of a truck, what do you expect is going to happen?

You have vehicles fitted with seat-belts and airbags to protect the idiots. Shame about the victims who inadvertently get in the way. Developers of Operating Systems must protect their passengers.
post #45 of 48
I wonder how good this number is.

They're now saying that the number is 230,000 to 270,000:
http://www.techweekeurope.co.uk/news...sh-botne-72458

Now, one of two things has happened:

1. Apple has somehow managed to reduce the number of bots by 60% even though they haven't released any software to fix it
or
2. The numbers are nothing more than guesswork and have no validity

I think #2 is far more likely.
"I'm way over my head when it comes to technical issues like this"
Gatorguy 5/31/13
Reply
"I'm way over my head when it comes to technical issues like this"
Gatorguy 5/31/13
Reply
post #46 of 48
Quote:
Originally Posted by jragosta View Post

I wonder how good this number is.

They're now saying that the number is 230,000 to 270,000:
http://www.techweekeurope.co.uk/news...sh-botne-72458

Now, one of two things has happened:

1. Apple has somehow managed to reduce the number of bots by 60% even though they haven't released any software to fix it
or
2. The numbers are nothing more than guesswork and have no validity

I think #2 is far more likely.

If you had been following along you would know that there's been several different sites, forums, bloggers and security firms who have posted methods of finding out if your machine is infected as well as how to remove it. Apparently some number of Mac users did see the news and took their advice, successfully cutting the current infection down to around a quarter million from the original 650K.


http://www.eweek.com/c/a/Security/FS...m-Macs-830858/
http://reviews.cnet.com/8301-13727_7...are-from-os-x/
http://www.tuaw.com/2012/04/12/flash...ecurity-firms/
http://www.youtube.com/watch?v=bq1sQXW4KEg
melior diabolus quem scies
Reply
melior diabolus quem scies
Reply
post #47 of 48
Quote:
Originally Posted by jragosta View Post

I wonder how good this number is.

They're now saying that the number is 230,000 to 270,000:
http://www.techweekeurope.co.uk/news...sh-botne-72458

Now, one of two things has happened:

1. Apple has somehow managed to reduce the number of bots by 60% even though they haven't released any software to fix it
or
2. The numbers are nothing more than guesswork and have no validity

I think #2 is far more likely.

It's not "guesswork" - it's straightforward arithmetic. Set up a false command server and count the number of bots that check in. The method used to tracking the number of declining infections is the same method used to figure out the initial infection rate. I've asked in another thread and I'll ask here - what's wrong with this method? No one yet has explained why this method is flawed. Since you can't knock down the method with actual reasons, you just resort to asserting that it has "no validity" - no explanation why it's not valid, it just isn't valid.

Honestly, I cannot believe the cherrypicking going on here, the obstinate refusal to believe facts that you don't want to believe, reality, logic and consistency be damned. It's like every cliched stereotype of a deluded Apple fanboys come to life.

As for what accounts for the drop in figure, there's also option 3 - that some of the reduction isn't due to trojans being removed yet but are being blocked from checking into the command servers by DNS blocks set up by providers such as Open DNS (Open DNS has announced that they are blocking access to the trojan's command servers, preventing infected computers from communicating and receiving new instructions and code). I would think that the security firms are making sure that DNS blocks aren't being applied to their fake servers so that they can continue to track this botnet accurately but given that Apple apparently misidentified a fake server as a real one and tried to take it down, you can't discount the possibility.

For those who are curious about the details of the trojan and how it's being tracked, go to Symantec's blog post on the topic. They've set up their own command servers - just like Kaspersky and Dr. Web - and are monitoring the botnet:

http://www.symantec.com/connect/blog...ns-down-270000

And Symantec has released their own free Flashback detection and removal tool:

http://www.symantec.com/security_res...041214-1825-99

Now there are 3 removal tools from the 3 of the biggest security firms out there - Symantec, Kaspersky and F Secure. All of them are free.
post #48 of 48
Quote:
Originally Posted by hill60 View Post

They are likely to be among the 99% of Mac owners who have not been infected, 99%!

Well you're right, but it doesn't change the fact that this happened right after the fact and now I have to hear about it.
Just say no to MacMall.  They don't honor their promotions and won't respond to customer inquiries.  There are better retailers out there.
Reply
Just say no to MacMall.  They don't honor their promotions and won't respond to customer inquiries.  There are better retailers out there.
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Mac OS X
AppleInsider › Forums › Software › Mac OS X › Apple working on software to detect and remove Flashback trojan